CyberInsecurity: The Cost or Monopoly notes that Microsoft’s business plan is to guard their PC software monopoly more than making software secure.
They claim that complexity is a means to that higher goal.
Modularity is a principle tool for security and Windows is not modular.
MS has plausible surface arguments that this architecture achieves friendliness.
Perhaps their principle point is against monoculture.

Security has become a strategic concern at Microsoft but security must not be permitted to become a tool of further monopolization.

The claim, with which I agree, is that MS will argue that we must keep non MS software out of our computers to achieve security and that this argument is bogus.
Their architecture has tended to make this claim plausible.
Their closing recommendation is to require by law the publication of interfaces to the various major system components to achieve modularity thus allowing piecemeal replacement of components.

Windows XP Service Pack 2: Install With Care illustrates nicely a point made in the previous paper: beyond some complexity point, a bug fix is expected to introduce more than one bug.
This was a point made about 1970 by Belady.

This notes the emergence of the virtual mobile phone service provider.
The real provider’s employee’s climb cell towers.
The virtual providers buy from the latter and add soft services much like the Internet portals.

The silent monopoly notes the near monopoly of the ARM processor chip in cell phones.
ARM, the company, does not build chips but licenses the design to others.